jamarirjamarir.hashnode.dev·Dec 1, 2024[OWASP MASTG] Android - DIVA (Damn Insecure and Vulnerable App)Just another Lab Setup / ADB / JADX / Apktool / Frida / Logcat / Native Lib / Insecure Storage / Input Validation / Access Control Write-up. Github page. Web page. APK link. DIVA (Damn insecure and vulnerable App) is an [Android] App intentionally d...DiscussMobileCTF
envi0rforNothing2Losen2l.hashnode.dev·Dec 1, 2024HackTheBox Machine : Jerry Write UpAlthough Jerry is one of the easier machines on Hack The Box, it is realistic as Apache Tomcat is often found exposed and configured with common or weak credentials. Seperti biasa pertama lakukan port scanning. ❯ nmap -sC -sV -T3 10.10.10.95 -Pn Sta...Discuss·1 likehtb
Dentonmy-cybersec-journey.hashnode.dev·Dec 1, 2024CyberSci Regionals 2024Introduction This past weekend on November 23rd, I had the opportunity to represent SAIT on one of their two teams attending CyberSci Regionals here in Calgary this year. Our team, Payload Pirates, was able to secure 3rd place by the end of the four ...DiscussCybersecurity Eventscybersci
jamarirjamarir.hashnode.dev·Nov 24, 2024[HackTheBox] ForestJust another RPC / Port ranges / NTLMSSP / ASREPRoast / User DACL Abuse (RPC passwd) / DCSync Write-up. There might be some discrepencies in this article. Indeed, I will sometimes use cme, and some other times nxc. The methodology, however, remains ...DiscussActive Directory / WindowsCTF
kurtnettlekurtnettle.hashnode.dev·Nov 24, 2024Horrorible Crypt | CryptographyProblem Statement Can you find the encoded Message? 0beaeb0c17f05c53cb443b6f07d04c7674e47077d044595bf54648319fd1ab15 Flag Format: BUBT{Something} Prerequisites <not sure what to put here> (experience I guess?) Solution We didn’t manage to solve ...DiscussCyber Skills Bootcamp Competition | BUBTGOST cipher
kurtnettlekurtnettle.hashnode.dev·Nov 24, 2024Phonetic | CryptographyProblem Statement Encrypted text: Bravo Uniform Bravo Tango Four Lima Whiskey Four Yankee Five Seven Hotel One November Kilo Three Four Five Yankee Flag Format: BUBT{word1_word2_word3} Hint: lower case Prerequisites <not sure what to put here> (...DiscussCyber Skills Bootcamp Competition | BUBTbubt
kurtnettlekurtnettle.hashnode.dev·Nov 24, 2024ffuuuuunnyyy!! | SteganographyProblem Statement Sometimes what you see doesn’t happen. Could you tell me what you see in this file? Flag Format: BUBT{something} ffuuunnnnyyyyy.png Prerequisites <not sure what to put here> Solution Since the file is not opening normally, I s...DiscussCyber Skills Bootcamp Competition | BUBTmagic bytes
kurtnettlekurtnettle.hashnode.dev·Nov 24, 2024NS6 | Network Security SeriesProblem Statement Knowing the attacker's user-agent assists in creating robust filtering rules. What's the attacker's user agent? Flag Format: BUBT{Full User Agent} network_artifacts.pcapng Prerequisites Wireshark (viewing packet details) Solut...DiscussCyber Skills Bootcamp Competition | BUBTbubt
kurtnettlekurtnettle.hashnode.dev·Nov 24, 2024NS5 | Network Security SeriesProblem Statement Understanding the value of compromised data assists in prioritizing incident response actions. What file was the attacker trying to exfiltrate? Flag Format: BUBT{filename} network_artifacts.pcapng Prerequisites Wireshark (basi...DiscussCyber Skills Bootcamp Competition | BUBTbubt
kurtnettlekurtnettle.hashnode.dev·Nov 24, 2024NS4 | Network Security SeriesProblem Statement Identifying the port utilized by the web shell helps improve firewall configurations for blocking unauthorized outbound traffic. What port was used by the malicious web shell? Flag Format: BUBT{PortNo} network_artifacts.pcapng ...DiscussCyber Skills Bootcamp Competition | BUBTCTF Writeup